<?php

/*
 * This is for changing password.
 */

include '../../include/config.php';
/*
 * Key
 */
$query = mysql_query("select * from pro where name='passkey' ");
while ($row = mysql_fetch_array($query)) {
    $key = $row['value'];
}

echo '<br>';
/*
 * 
 * Password Encryption Technique.
 */

function _encode($password, $key) {
    $majorsalt = null;
    if ($key != '') {
        $_password = $key . $password;
    } else {
        $_password = $password;
    }
    if (function_exists('str_split')) {
        $_pass = str_split($_password);
    } else {
        $_pass = array();
        if (is_string($_password)) {
            for ($i = 0; $i < strlen($_password); $i++) {
                array_push($_pass, $_password[$i]);
            }
        }
    }

    foreach ($_pass as $_hashpass) {
        $majorsalt .= md5($_hashpass);
    }
    return $password = md5($majorsalt);
}

include '../../include/config.php';
$pass1 = $_POST['password1'];
$pass2 = $_POST['password2'];
if ($pass1 == '' || $pass2 == '') {
    header('Location:../view/myaccount?e=Password are empty');
}

$cp = mysql_query("select password from fa_user where id='" . $_COOKIE['gid'] . "'") or die(mysql_error());
while ($cpp = mysql_fetch_array($cp)) {
    $currentpass = $cpp['password'];
    echo $currentpass . '<br>';
}
echo $pass1 . '<br>';
$p1 = _encode($pass1, $key);
echo $p1 . '<br>';
if ($currentpass != $p1) {
    header('Location:../view/myaccount?e=Wrong Password');
    echo 'not vaild.';
} else {
    $pass = _encode($pass2, $key);
    mysql_query("update fa_user set password='" . $pass . "' where id='" . $_COOKIE['gid'] . "' ") or die(mysql_error());
    header('Location:../view/myaccount?s=Password Changed');
}
?>
